Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/k32P-CVKUAvVXTWE2aY2BS8MqEE.roa
File: k32P-CVKUAvVXTWE2aY2BS8MqEE.roa (raw, json)
Hash identifier: 4LM2YKel34GR2qoJ/X050TOgy/HIu98eEzWuGgh+90g=
Subject key identifier: 93:7D:8F:F8:25:4A:50:0B:D5:5D:35:84:D9:A6:36:05:2F:0C:A8:41
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 018572DF1AFB25650B2E00F227330D2A5339
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/k32P-CVKUAvVXTWE2aY2BS8MqEE.roa
Signing time: Mon 02 Jan 2023 14:25:02 +0000
ROA not before: Mon 02 Jan 2023 14:25:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 996
IP address blocks: 93.152.211.0/24 maxlen: 24
93.152.208.0/24 maxlen: 24
93.152.216.0/24 maxlen: 24
45.141.235.0/24 maxlen: 24
93.152.230.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:df:1a:fb:25:65:0b:2e:00:f2:27:33:0d:2a:53:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Jan 2 14:25:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=937d8ff8254a500bd55d3584d9a636052f0ca841
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:e3:22:80:da:68:2f:f3:0b:92:03:61:c3:e8:
1a:12:dd:b7:e6:9c:53:f5:b0:44:13:d7:fa:ae:16:
e2:b8:b4:38:84:58:25:5c:29:0c:c4:d5:ac:9b:9b:
83:3b:3e:1d:13:6e:5b:10:95:1b:c2:37:89:e4:9e:
2d:b3:e6:19:23:68:98:0b:37:7f:cd:ed:ef:79:dc:
88:7c:3c:8e:aa:6c:cf:ec:0f:94:14:b0:53:40:c4:
36:2d:86:95:16:92:a4:b7:8b:83:e3:7a:95:51:e4:
20:b9:45:b3:09:ac:c4:6f:b0:75:67:02:67:cd:3b:
da:43:87:d9:28:b3:83:7a:ed:5b:17:55:0f:c3:8d:
1a:96:fc:1f:6c:4e:37:94:68:b7:c7:ba:f9:a5:19:
28:78:03:df:03:9d:46:c9:78:00:a0:6c:3d:91:ac:
2e:8b:61:99:bf:fb:04:55:00:cb:ef:88:29:ad:ee:
8b:d3:11:22:ec:1e:7e:40:57:bb:30:0a:94:be:ce:
56:fc:84:25:be:91:71:0c:be:cc:0b:e8:28:4e:58:
ef:5b:82:c1:22:1c:45:bc:43:da:e7:23:09:d1:95:
04:c1:eb:1e:94:96:84:6b:aa:06:73:7f:dc:bc:7d:
ac:7d:f4:f0:4f:c4:1a:d5:82:05:79:d9:86:3d:a2:
24:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:7D:8F:F8:25:4A:50:0B:D5:5D:35:84:D9:A6:36:05:2F:0C:A8:41
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/k32P-CVKUAvVXTWE2aY2BS8MqEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.235.0/24
93.152.208.0/24
93.152.211.0/24
93.152.216.0/24
93.152.230.0/24
Signature Algorithm: sha256WithRSAEncryption
27:5d:16:bc:64:a3:a3:c6:c7:c6:83:3b:5f:53:24:9a:f6:35:
ce:a9:d7:9c:41:90:28:ab:81:a9:ab:25:1b:5c:a1:a5:37:45:
98:5c:fd:b8:48:a7:3d:53:92:eb:67:0a:f4:bb:23:f5:83:92:
eb:d9:13:34:ac:f7:c1:fb:35:e9:2c:08:fd:97:4a:67:99:d4:
ce:1e:07:f2:b8:b2:9a:0c:d9:bf:a9:fe:0c:a8:e4:97:6a:c9:
e9:81:93:3e:d2:03:5c:20:45:21:e7:b3:b1:19:c2:59:f7:6a:
21:d8:2f:9c:7e:61:68:7b:b6:4f:99:12:12:fd:23:07:d4:6b:
3c:fb:ac:df:66:31:15:bb:12:91:fc:04:32:92:e1:b1:7b:b2:
b0:13:0f:af:52:64:96:47:da:26:7a:3f:5b:44:22:76:95:61:
38:a1:c4:ea:f9:2a:41:e9:1c:ee:18:88:a6:34:5e:d5:cf:3e:
91:d2:9a:7b:bf:f5:51:13:24:9b:70:ab:29:8c:09:34:84:11:
14:bc:26:9c:41:3f:61:b5:15:6b:25:49:72:f6:3a:ac:37:6c:
2e:1f:3f:9f:81:e3:f2:f6:5d:f1:b5:fb:e0:9a:32:03:6a:0f:
f1:78:7c:65:89:b2:33:30:56:08:df:65:8c:40:48:a3:ae:a3:
40:88:d3:21
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVy3xr7JWULLgDyJzMNKlM5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjMwMTAyMTQyNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzdkOGZmODI1NGE1MDBiZDU1ZDM1ODRkOWE2MzYwNTJmMGNhODQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+MigNpoL/MLkgNhw+gaEt235pxT
9bBEE9f6rhbiuLQ4hFglXCkMxNWsm5uDOz4dE25bEJUbwjeJ5J4ts+YZI2iYCzd/
ze3vedyIfDyOqmzP7A+UFLBTQMQ2LYaVFpKkt4uD43qVUeQguUWzCazEb7B1ZwJn
zTvaQ4fZKLODeu1bF1UPw40alvwfbE43lGi3x7r5pRkoeAPfA51GyXgAoGw9kawu
i2GZv/sEVQDL74gpre6L0xEi7B5+QFe7MAqUvs5W/IQlvpFxDL7MC+goTljvW4LB
IhxFvEPa5yMJ0ZUEweselJaEa6oGc3/cvH2sffTwT8Qa1YIFedmGPaIkRQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJN9j/glSlAL1V01hNmmNgUvDKhBMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvazMyUC1DVktVQXZWWFRXRTJhWTJCUzhNcUVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALY3rAwQA
XZjQAwQAXZjTAwQAXZjYAwQAXZjmMA0GCSqGSIb3DQEBCwUAA4IBAQAnXRa8ZKOj
xsfGgztfUySa9jXOqdecQZAoq4GpqyUbXKGlN0WYXP24SKc9U5LrZwr0uyP1g5Lr
2RM0rPfB+zXpLAj9l0pnmdTOHgfyuLKaDNm/qf4MqOSXasnpgZM+0gNcIEUh57Ox
GcJZ92oh2C+cfmFoe7ZPmRIS/SMH1Gs8+6zfZjEVuxKR/AQykuGxe7KwEw+vUmSW
R9omej9bRCJ2lWE4ocTq+SpB6RzuGIimNF7Vzz6R0pp7v/VREySbcKspjAk0hBEU
vCacQT9htRVrJUly9jqsN2wuHz+fgePy9l3xtfvgmjIDag/xeHxlibIzMFYI32WM
QEijrqNAiNMh
-----END CERTIFICATE-----
Generated at Tue Apr 8 23:48:49 2025 by rpki-client